Intrusion Prevention

Oracle.Database.Server.XDB.DBMS_XMLSCHEMA.Buffer.Overflow

Description

This indicates an attack attempt against a buffer overflow vulnerability in
Oracle Database Server.
The vulnerability is caused by lacking of checking the parameter passed to procedures which are used to register and delete XML schemas. It allows a remote attacker to execute arbitrary code via sending a crafted request from client.

Affected Products

Oracle Database server 9.2.0.7
Oracle Database server 10.1.0.4

Impact

System Comprise:Remote attackers can gain control of the vulnerable system.

Recommended Actions

Apply patch,available from the web site.
http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html

CVE References

CVE-2006-0272